<?php
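/*
 * Admin account form handler.
 *
 * Inserts a new row into tb_account_admin when the posted "id" is empty,
 * otherwise updates the row whose account_id equals the posted id. The
 * outcome is reported through thongbao($message, $link).
 *
 * Helpers used here (replatestring, checkstring, catchinfor, catchinfor3,
 * thongbao) are defined outside this file.
 *
 * Security review notes:
 *  - All SQL below is built by string interpolation. Most fields pass through
 *    replatestring(); NOTE(review): confirm it escapes for a quoted MySQL
 *    string context, since its body is not visible here. The durable fix is
 *    parameterised statements (mysqli/PDO); the mysql_* extension was removed
 *    in PHP 7.0.
 *  - Passwords are stored as unsalted MD5. Left unchanged because the login
 *    code that compares the hash is not in this file; moving to
 *    password_hash()/password_verify() has to change both sides together.
 *  - "level" and "account_role" are taken from the request. No authorisation
 *    or CSRF check is visible in this file; presumably the including page
 *    enforces them -- confirm.
 */

// Array keys are quoted: a bare key is read as an undefined constant, which
// raises a notice on PHP 5 and only works through a deprecated fallback.
$txtpass = md5(replatestring($_POST['txtpass'], false));
$login_name = replatestring($_POST['login_name'], false);
$txthoten = replatestring($_POST['txthoten'], false);
$txtdiachi = replatestring($_POST['txtdiachi'], false);
$txtmobile = replatestring($_POST['txtmobile'], false);
$txtemail = replatestring($_POST['txtemail'], false);
$txtbirthday = replatestring($_POST['txtbirthday'], false);
$identify_card = replatestring($_POST['identify_card'], false);

// These three fields were interpolated into the SQL straight from $_POST.
// They are escaped here for the single-quoted context they are used in.
// NOTE(review): if magic_quotes_gpc is enabled on the target PHP, this
// double-escapes; casting to int would be tighter if these are numeric ids.
$room = mysql_real_escape_string($_POST['room']);
$chucvu = mysql_real_escape_string($_POST['chucvu']);
$quyen = mysql_real_escape_string($_POST['quyen']);

$listnhom = replatestring($_POST['listnhom'], false);
$txtstatus = replatestring($_POST['txtstatus'], false);

$id = replatestring($_POST['id'], false);

// Validate the submitted data.
// NOTE(review): the request is accepted when EITHER the email OR the group
// value passes checkstring(), so an invalid email is still processed if
// listnhom is valid. Requiring both looks like the intent -- confirm before
// tightening. None of the other fields are validated here.
$data = false;

if (checkstring($txtemail, "email", 150) == true) {
	$data = true;
}
if (checkstring($listnhom, "number", 2) == true) {
	$data = true;
}

if ($data == true) {
	if ($id == "") {
		// Add a new account, unless the email is already registered.
		if (catchinfor($txtemail, "account_email", "account_id", "tb_account_admin") != "") {
			$cauthongbao = "Email đã tồn tại";
			$link = "index.php?progid=3";
			thongbao($cauthongbao, $link);
		} else {
			// NOTE(review): the password hash is stored unconditionally, so an
			// empty submitted password is hashed and saved rather than rejected.
			// The query result is not checked; success is reported regardless.
			mysql_query("insert into tb_account_admin (account_email,account_pass,login_name,account_name,account_address,birthday,account_mobile,identify_card,room_id,position,level,account_status,account_role)
						value('$txtemail','$txtpass','$login_name','$txthoten','$txtdiachi','$txtbirthday','$txtmobile','$identify_card','$room','$chucvu','$quyen','$txtstatus','$listnhom')");
			$cauthongbao = "Bạn đã thêm thành công";
			$link = "index.php?progid=3";
			thongbao($cauthongbao, $link);
		}
	} else {
		// Edit an existing account, unless the email is already taken
		// (catchinfor3 also receives $id; presumably to exclude this account's
		// own row -- confirm against its definition).
		if (catchinfor3($txtemail, "account_email", $id, "account_id", "account_id", "tb_account_admin") != "") {
			$cauthongbao = "Email đã tồn tại";
			$link = "index.php?progid=3&account=sua&id=" . $id;
			thongbao($cauthongbao, $link);
		} else {
			mysql_query("Update tb_account_admin SET  login_name='$login_name', account_name='$txthoten', account_address='$txtdiachi',birthday='$txtbirthday',account_mobile='$txtmobile',identify_card='$identify_card',room_id='$room',position='$chucvu',account_email='$txtemail',level='$quyen',account_status='$txtstatus',account_role='$listnhom' where account_id= '$id'");

			// The password is only replaced when a new one was submitted.
			if ($_POST['txtpass'] != "") {
				mysql_query("update tb_account_admin set account_pass= '$txtpass' where account_id='$id'");
			}

			$cauthongbao = "Bạn đã sửa thành công";
			$link = "index.php?progid=3";
			thongbao($cauthongbao, $link);
		}
	}
} else {
	// Neither validated field passed: report invalid data.
	$cauthongbao = "Dữ liệu không hợp lệ";
	$link = "index.php?progid=3";
	thongbao($cauthongbao, $link);
}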
?>